NCR Corporation - Experts & Thought Leaders

Latest NCR Corporation news & announcements

Positive Technologies research finds ATM vulnerabilities enable illegal cash withdrawals, such as in Wincor Cineo ATMs

Positive Technologies researchers Vladimir Kononovich and Alexey Stennikov have discovered vulnerabilities in Wincor Cineo ATMs with the RM3 and CMD-V5 dispensers (Wincor is currently owned by Diebold Nixdorf).

ATM cyber-attacks

With access to the dispenser controller’s USB port, an attacker can install an outdated or modified firmware version (for example, with disabled encryption) to bypass the encryption and make cash withdrawals. Diebold Nixdorf (Diebold Incorporated) has more than 1 million of its ATMs installed worldwide, making it one of the largest ATM manufacturers, with a 32 percent share of the global market.

Most previous generations of ATMs could not withstand black-box attacks. In such cases, a hacker connects to the dispenser via a computer or mobile device and sends a special code, which results in the ATM dispensing money. In research performed by Positive Technologies in 2018, 69 percent of ATMs turned out to be vulnerable to such attacks and could be hacked in minutes.

Modern ATMs with built-in protection against black-box attacks

Modern ATMs, including Wincor Cineo, have built-in protection against black-box attacks. This protection is achieved by using end-to-end encryption between an ATM computer and the dispenser. The computer sends encrypted commands to the dispenser, and a hacker cannot withdraw money without the encryption keys stored on the ATM computer.

Vladimir Kononovich, Senior Specialist of ICS Security at Positive Technologies, said, “In the case of Wincor Cineo, we managed to figure out the command encryption used in the interaction between the PC and the controller, and bypass the protection against black-box attacks. At a popular website, we bought the same dispensing controller as the one used in Wincor's ATMs.”

Issues of bugs in controller code and old encryption keys

Vladimir Kononovich adds, “Bugs in the controller code and old encryption keys allowed us to connect to an ATM using our own computer (as in a classic black-box attack), bypass the encryption, and make a cash withdrawal. Currently, the attack scenario consists of three steps: connecting a computer to an ATM, loading outdated and vulnerable firmware, and exploiting the vulnerabilities to access the cassettes inside the safe.”

According to Vladimir Kononovich, some manufacturers rely on security through obscurity, using proprietary protocols that are poorly studied and aiming to make it difficult for attackers to procure equipment in order to find vulnerabilities in such devices. However, the research shows that such equipment is not difficult to find on the open market and analyse, which criminal groups can take advantage of.

CVE-2018-9099 and CVE-2018-9100 vulnerabilities

Both vulnerabilities received a CVSSv3.0 score of 6.8. The first flaw, CVE-2018-9099, was detected in the firmware of the CMD-V5 dispenser (all versions up to and including 141128 1002 CD5_ATM.BTR and 170329 2332 CD5_ATM.FRM). The second, CVE-2018-9100, was detected in the firmware of the RM3/CRS dispenser (all versions up to and including 41128 1002 RM3_CRS.BTR and 170329 2332 RM3_CRS.FRM).

To fix the vulnerabilities, credit organisations must request the latest firmware version from ATM manufacturers. Moreover, as an additional security factor, the vendor should enable physical authentication for the operator during firmware installation.

hardwear.io security conference

On October 29, Vladimir Kononovich will talk about the detected vulnerabilities at the hardwear.io hardware security conference, taking place in The Netherlands.
In 2018, Positive Technologies experts helped eliminate vulnerabilities in ATMs of another major ATM manufacturer, NCR (NCR Corporation).

OnSSI’s Ocularis 5.0 and C2P integration enhances security systems

On the heels of the release of Ocularis 5.0, OnSSI has now announced the introduction of several new technology integrations for its recently released VMS with C2P’s software solution. Ocularis 5.0, which is based on a new recorder, maximises HDD storage effectiveness with dynamic data management for automatic storage load balancing, end-to-end 256-bit AES encryption and edge recording support.

The newly certified integrations with Ocularis 5.0 provide security professionals with valuable situational information across a wide range of applications including banking, access control, asset tracking, license plate recognition and point-of-sale.

“The correlation of video and data creates an extremely effective and intelligent security solution,” said Ken LaMarca, VP of Sales and Marketing, OnSSI. “Ocularis’ open architecture not only makes this integration possible, it results in a powerful tool that meets a variety of demanding applications and delivers comprehensive intelligence across multiple platforms. Most important, beyond the power of these integrations, the systems provide vital information, better enabling the operators to assess emerging situations and provide them with information to choose an appropriate course of action.”

Details on these integrations are as follows:

Banking

Integrations with Diebold and Fiserv for teller terminals and ATM deployments allow for TCP/IP text and/or events to be streamed live directly to Ocularis in the form of JPEG images. The TCP/IP data is also stored as text for forensic searches afterwards. All banking transactions are time-synchronised with area video surveillance in real time and include real-time charting of specific events.

Access control

These integrations with Axis, DMP, DSX, FST21, Hirsch, ISONAS, Keri Systems, Keyscan, and RBH provide for real-time access control activity and user-defined, real-time on-screen event annotation. The seamless integration with OnSSI provides real-time analytics which enable users to define rules based on the text received from the access control system. These rules are then used to engage the full power of the Ocularis Event Fusion engine to push video of the event to predefined client screens, lock/unlock doors, blow horns, turn PTZs, send email and SMS alerts, etc. The C2P framework also includes a powerful text search tool, linking all text received from the access control system with stored surveillance video. Reports are available for export as CSV files and also as video evidence.

Asset tracking

Traditional asset tracking is enhanced by this integration, allowing users of Visonic RFID or generic bar code readers to see real-time onscreen notifications of asset activity, as well as email and SMS alerts. The information can be exported for video evidence or as a CSV file for reporting purposes.

License plate recognition

This LPR integration with ELSAG, HTS, Inex/Zamir, Mango, PlateSmart and Vigilant Solutions provides users with real-time onscreen confirmation of LPR activities, the ability to graph specific events, and time synchronisation of all license plate reads with area surveillance video. Onscreen event annotation, email and SMS alerts, a powerful search tool for all LPR text, and stored video are included. Exports include reports as a CSV file or video evidence.

Point-of-sale

Integrations with IBM RMS, LOC, Micros, NCR Radiant, and POSitouch provide for all POS transactions to be time-synchronised with all Ocularis surveillance video. Real-time features include onscreen POS terminal activity, time graphing of specific events and POS transaction analytics enabling users to quickly find activities of interest. User-defined event annotation via onscreen messaging and push video, email and SMS alerts are also included. Video evidence can easily be exported as CSV files or displayed onscreen as a camera view.
“Working with OnSSI to accomplish this integration has been a smooth and positive experience thanks to the open architecture of Ocularis 5.0,” said Paul Eaton, President and CTO, C2P. “The solution efficiently addresses the complexities of bringing together video and data for highly effective use in security applications.”

Red Hawk Fire & Security announces successful integration of NCR Interactive Tellers at South Shore Bank Financial Center

Red Hawk Fire & Security LLC, a leader in fire, life safety and security services, recently announced the successful integration of NCR Interactive Tellers at the new South Shore Bank Financial Center in Hingham, Massachusetts. With interactive video software from NCR, South Shore Bank customers can bank with a live video teller and conduct up to 95 percent of typical teller transactions, extending its capabilities far beyond that of today’s ATMs.

Interactive Teller allows a live teller to take remote control of the device while engaging the customer over two-way video, providing a personalised experience. Video collaboration and transaction processing can both reduce operating costs by centralising tellers across multiple branches, while still connecting customers and tellers in a face-to-face, highly personal engagement.

More than 100 financial institutions around the globe are putting the human touch to banking technology through assisted service solutions from NCR. In fact, 98 percent of all financial institutions running assisted service technology rely on NCR Interactive Services.

With assets of approximately $1 billion and a long history of exceeding customer expectations, South Shore Bank has 14 branch locations and a network of ATMs to serve neighbourhoods throughout the demographically diverse communities on Boston’s South Shore. In order to create a next generation branch bank with extended hours to better connect with customers in a more personalised, contemporary way, South Shore turned to trusted partner Red Hawk Fire & Security.

“We had been a Red Hawk customer for many years and knew we could count on them to see us through this project. They brought NCR to the table and the result has been outstanding. We have been able to deliver an innovative banking experience that is more convenient for our customers while improving the efficiency of our overall operations,” said South Shore Chief Information Officer and Executive Vice President, Pam O’Leary.

South Shore opened the Hingham Financial Center in December of 2013 with Interactive Personal Teller Machines, or PTMs as South Shore calls them. NCR Interactive Tellers connect South Shore customers at the Hingham Financial Center bank with live video tellers so the facility can remain open to serve customers 7 a.m. – 7 p.m. Monday – Friday and 7 a.m. – 2 p.m. on Saturdays.

“To support South Shore’s strategy of transforming its branch banking experience for customers, Red Hawk has delivered a system that combines video collaboration and remote transaction processing with the power of experience from our dedicated team of ATM service veterans,” said Red Hawk President and CEO Dean Seavers.

The Interactive Personal Teller Machines have been so well received that South Shore plans to begin offering the virtual tellers at its busiest transaction branch in Weymouth. Scheduled to open in September of 2014, the Weymouth facility will continue to operate as a branch office with the addition of PTMs to extend hours of operation.

“The NCR technology in place at South Shore Bank’s Hingham center is an example of how NCR is helping financial institutions better connect with their customers to grow their relationships in the community,” said Jed Taylor, General Manager, NCR Interactive Services.
